Generally, security of electronic data depends on confidentiality, availability, and integrity. Confidentiality of electronic data means that the data is only given to those who are supposed to have it. Availability of electronic data means that the data is not going to be lost. Integrity of electronic data means that the data will not be corrupted or modified. Ensuring the confidentiality, availability, and integrity of electronic data often requires complex and expensive hardware and/or software solutions that achieve security objectives without limiting the practical use of the data.
Conventional systems utilize hardware and/or software encryption techniques for security. For example, encryption devices are used to encrypt information any time the information is placed on a network that is not secure. Current networks, such as local area networks (LANs), do not support multiple security levels over a shared network with the necessary assurance. Such a capability would enable the reduction in cost, size, weight, and power of electronic systems because of the reduction in hardware and software components needed.
Multiple software applications are often used in the transportation industry for both air and ground transportation. These software applications can be at differing safety criticality and differing security levels. As such, multiple resources are typically needed, such as multiple processors and networks, so that security levels can be isolated and not compromised. The multiple resources use dedicated components that only function for a specified security level.
Thus, there is a need for modular open systems architectures to support running software application partitions at differing security levels on shared processors, shared operating systems, and shared networks. Further, there is a need for network nodes and switches having security features for different socket connections between partitions at differing security levels. Even further, there is a need for a system and method for multi-level security on a common network.